From 9c528d5f2b14c6a9f379e8066cabd4b44db02476 Mon Sep 17 00:00:00 2001 From: Peace-Maker Date: Mon, 22 Apr 2024 15:38:50 +0200 Subject: [PATCH 1/2] Add "none" ssh authentication method Allow to "disable" ssh authentication if the remote server has it enabled. Fixes #2380 --- pwnlib/tubes/ssh.py | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/pwnlib/tubes/ssh.py b/pwnlib/tubes/ssh.py index 9d5c2d7ea..5463df518 100644 --- a/pwnlib/tubes/ssh.py +++ b/pwnlib/tubes/ssh.py @@ -573,7 +573,8 @@ class ssh(Timeout, Logger): def __init__(self, user=None, host=None, port=22, password=None, key=None, keyfile=None, proxy_command=None, proxy_sock=None, level=None, - cache=True, ssh_agent=False, ignore_config=False, raw=False, *a, **kw): + cache=True, ssh_agent=False, ignore_config=False, raw=False, + auth_none=False, *a, **kw): """Creates a new ssh connection. Arguments: @@ -587,10 +588,11 @@ def __init__(self, user=None, host=None, port=22, password=None, key=None, proxy_sock(str): Use this socket instead of connecting to the host. timeout: Timeout, in seconds level: Log level - cache: Cache downloaded files (by hash/size/timestamp) - ssh_agent: If :const:`True`, enable usage of keys via ssh-agent - ignore_config: If :const:`True`, disable usage of ~/.ssh/config and ~/.ssh/authorized_keys - raw: If :const:`True`, assume a non-standard shell and don't probe the environment + cache(bool): Cache downloaded files (by hash/size/timestamp) + ssh_agent(bool): If :const:`True`, enable usage of keys via ssh-agent + ignore_config(bool): If :const:`True`, disable usage of ~/.ssh/config and ~/.ssh/authorized_keys + raw(bool): If :const:`True`, assume a non-standard shell and don't probe the environment + auth_none(bool): If :const:`True`, try to authenticate with no authentication methods NOTE: The proxy_command and proxy_sock arguments is only available if a fairly new version of paramiko is used. @@ -686,6 +688,11 @@ def __init__(self, user=None, host=None, port=22, password=None, key=None, " To remove the existing entry from your known_hosts and trust the new key, run the following commands:\n" " $ ssh-keygen -R %(host)s\n" " $ ssh-keygen -R [%(host)s]:%(port)s" % locals()) + except paramiko.SSHException as e: + if user and auth_none and str(e) == "No authentication methods available": + self.client.get_transport().auth_none(user) + else: + raise self.transport = self.client.get_transport() self.transport.use_compression(True) From 8c883f9a1c0f0a9802d4ea4e71ff9c18e4a64aab Mon Sep 17 00:00:00 2001 From: Peace-Maker Date: Sun, 12 May 2024 15:04:05 +0200 Subject: [PATCH 2/2] Add CHANGELOG --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fb60b6768..b26464365 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -82,6 +82,7 @@ The table below shows which release corresponds to each branch, and what date th - [#2391][2391] Fix error message when passing invalid kwargs to `xor` - [#2376][2376] Return buffered data on first EOF in tube.readline() - [#2387][2387] Convert apport_corefile() output from bytes-like object to string +- [#2405][2405] Add "none" ssh authentication method [2360]: https://github.com/Gallopsled/pwntools/pull/2360 [2356]: https://github.com/Gallopsled/pwntools/pull/2356 @@ -93,6 +94,7 @@ The table below shows which release corresponds to each branch, and what date th [2391]: https://github.com/Gallopsled/pwntools/pull/2391 [2376]: https://github.com/Gallopsled/pwntools/pull/2376 [2387]: https://github.com/Gallopsled/pwntools/pull/2387 +[2405]: https://github.com/Gallopsled/pwntools/pull/2405 ## 4.13.0 (`beta`)